DJBSEC's CyberNews 2026-03-16

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Microsoft researchers have uncovered a new threat involving malicious browser extensions disguised as AI assistants that secretly harvest chat histories from large language model (LLM) platforms. These extensions target users interacting with AI tools and can capture sensitive prompts, responses, and potentially confidential business information. Once installed, the extensions quietly exfiltrate data to attacker-controlled servers, creating significant privacy and security risks. Microsoft warns that as AI tools become embedded in daily workflows, they are becoming attractive targets for threat actors seeking valuable data. Organizations are urged to review browser extension policies and monitor AI tool integrations carefully.

Payload Ransomware Claims Attack on Royal Bahrain Hospital

The Payload ransomware group has claimed responsibility for a cyberattack targeting the Royal Bahrain Hospital, alleging that it exfiltrated sensitive data from the healthcare provider. According to the attackers, stolen information may include patient records and internal documents, though the full scope of the breach has not yet been confirmed. The group has listed the organization on its leak site, a common tactic used to pressure victims into paying a ransom. Healthcare organizations remain a prime target for ransomware operators due to the high value and sensitivity of medical data. Investigations are ongoing to determine the extent of the incident and potential impact on patient privacy.

Microsoft Releases Emergency Windows 11 Out-of-Band Update

Microsoft has issued an out-of-band update for Windows 11 to address a critical issue affecting system stability and security. The emergency patch was released outside of the regular Patch Tuesday schedule after users reported widespread problems impacting system functionality. The update specifically targets vulnerabilities and bugs that could disrupt system operations or expose systems to potential exploitation. Microsoft recommends that affected users install the update as soon as possible to maintain system reliability and security. Administrators are also advised to review deployment plans to ensure the patch is rolled out quickly across enterprise environments.

FortiGate Firewalls Actively Exploited in the Wild

Security researchers are warning that attackers are actively exploiting vulnerabilities in FortiGate firewalls, putting organizations that rely on the popular security appliances at risk. Threat actors are targeting exposed management interfaces and leveraging known flaws to gain unauthorized access to corporate networks. Once inside, attackers may establish persistence, steal credentials, and move laterally within the environment. The exploitation activity highlights the continued risk posed by unpatched perimeter devices. Organizations are strongly encouraged to apply the latest security patches and restrict administrative access to trusted networks only.

Storm-2561 Uses Spoofed VPN Sites to Steal Corporate Credentials

Microsoft has identified a threat group known as Storm-2561 that is using spoofed VPN login pages to harvest corporate credentials. The attackers lure employees to fake VPN portals that closely mimic legitimate corporate access sites. Once victims enter their credentials, the information is captured and used to gain unauthorized access to enterprise networks. These campaigns often rely on phishing emails or malicious links to redirect targets to the fake login pages. Organizations are advised to implement phishing-resistant authentication methods and educate employees about recognizing fraudulent login portals.

INTERPOL Operation Synergia III Dismantles 45,000 Malicious IPs

INTERPOL has announced the results of Operation Synergia III, a coordinated global effort targeting cybercrime infrastructure. The operation led to the dismantling of over 45,000 malicious IP addresses linked to phishing, malware, and command-and-control servers. Authorities also arrested 94 individuals suspected of involvement in cybercriminal activities across multiple countries. The initiative involved cooperation between law enforcement agencies, private cybersecurity companies, and international partners. Officials say the operation demonstrates the growing importance of global collaboration in disrupting cybercrime networks.

Windows 11 Bug May Prevent Access to C: Drive

A newly discovered Windows 11 bug is preventing some users from accessing their system’s primary C: drive, leading to widespread concern among affected users. The issue appears to be tied to certain system configurations and may result in access errors when attempting to open the drive. While the bug does not appear to delete data, it can disrupt normal system operation and administrative tasks. Microsoft is currently investigating the problem and working on a fix. Users experiencing the issue are encouraged to monitor official updates and apply patches once they become available.

Experts Warn Post-Quantum Cryptography Adoption Can’t Wait

Cybersecurity experts are warning that organizations need to begin preparing for post-quantum cryptography sooner rather than later. Quantum computers could eventually break many of today’s widely used encryption algorithms, potentially exposing sensitive data. While large-scale quantum attacks are not yet feasible, encrypted data stolen today could be decrypted in the future once quantum capabilities mature. Researchers emphasize the importance of adopting quantum-resistant cryptographic standards and beginning migration planning now. Early preparation will help organizations avoid major security risks once quantum computing becomes more practical.

INTERPOL Operation Synergia III Disrupts Global Cybercrime Infrastructure

A large international law enforcement operation known as Operation Synergia III has disrupted thousands of cybercriminal infrastructure components around the world. Authorities identified and removed tens of thousands of malicious IP addresses used for malware distribution, phishing campaigns, and command-and-control systems. The effort also resulted in dozens of arrests connected to cybercrime activities. The operation relied on cooperation between national cybercrime units, private sector cybersecurity researchers, and global intelligence sharing. Officials say the campaign significantly weakened several cybercriminal networks operating across borders.

Hackers Target Poland’s National Centre for Nuclear Research

Poland’s National Centre for Nuclear Research has reportedly been targeted in a cyberattack believed to involve advanced threat actors. The attackers attempted to breach systems connected to the research organization, which plays a key role in nuclear science and energy research. Authorities quickly responded by isolating affected systems and launching an investigation into the incident. At this stage, officials say there is no evidence that critical nuclear infrastructure was compromised. The attack highlights the growing focus by cyber threat groups on sensitive research institutions and critical infrastructure targets.